Sunday, 14 June 2015

Govt to revamp sourcing, testing of telecom gear

The
government is looking at a major overhaul of telecom equipment sourcing
and testing in India as it fears that unfettered supplies from foreign
vendors, including Chinese companies, are making the system susceptible
to spyware and malware from unfriendly countries and anti-national
activists.

A Cabinet note is under preparation to work out
standards and order in-country testing of critical telecom equipment as
these have the potential to become easy conduits for spying and leakage
of information, official sources told TOI.

India imported
telecom equipment, including electronic devices, to the tune of nearly
Rs 70,000 crore in 2013-14 (Rs 57,000 crore in 2012-13). Alarmingly, a
little over 60% of these imports emanated from China.

Apart
from the various electronic devices that make their way from the dragon
land, Chinese vendors such as Huawei and ZTE also sell crucial telecom
equipment in India. Other foreign players that supply sophisticated
telecom equipment include Sweden's Ericsson and Finland's Nokia
Networks.

Recognizing potential threats to national security
due to any breach into the sensitive networks, the government has
already issued various amendments to telecom licences, mandating that
operators need to procure equipment which has been tested according to
relevant Indian or international security standards in any accredited
lab.

However, India is still to develop concrete standards,
procedures and tools for testing the equipment. The government has set
up a pilot lab at IISc, Bengaluru even as a group of officers is
preparing the processes and systems for security certification and
testing of telecom equipment and accrediting the certification and test
labs.

With huge delays in laying out the contours for such
testing, the government is also understood to have extended by a year
its proposal to have all the certification done by local agencies and
labs from April this year. Once the testing standards and tools are put
in place, the government intends to even allow private sector players to
set up certification labs. A note to this effect will also be presented
before the Union Cabinet, the sources said.

Telecom operators are currently free to purchase equipment from vendors across the world. However,

operators have been made responsible for ensuring security of their
respective networks. They have to ensure measures like network forensics
and conduct network penetration tests to ascertain robustness of
security apparatus. Also, they have to conduct an audit of their
security preparedness once a year.

The current norms stipulate
the operators to inform the government immediately in case they monitor
intrusions, attacks and any frauds across any wing of their network. The
government has mandated a penalty of Rs 50 crore for any security
breach that has been caused due to inadvertent inadequacies in
precaution on the part of the operator.

Apart from security
threats, the government also feels that domestic manufacturing of
equipment will lead to creation of jobs and prevent a huge outflow of
foreign currency from the country. Also, it is felt that technical
knowledge and IPR creation will also have a spill-over effect on other
allied industries.

The government has already announced a host
of incentives to promote local manufacturing as it looks to create
electronic manufacturing hubs across the country.